unique understanding of the Kantara Initiative’s Identity Assurance Framework (IAF)
– Zygma's CEO, Richard Wilsher, was the principal architect of the IAF and principal author of the Service
Assessment Criteria, the Assessor Qualifications and Requirements, and the IAF’s
processes. Our understanding of the IAF is unsurpassed. Add our auditing
capabilities and we are able to offer the complete range of services described below.
To date Zygma has guided three of the approved services towards their
Approval, acting as the Kantara Assessment Manager in one case, and has been the Assessor for
three approved CSPs. In addition, Zygma is presently engaged to perform assessments of two major service providers. We think this is a track record which speaks for itself. We will be happy to provide you with contact details for referees from any of these clients.
Support Services are offered at Assurance Levels 1, 2 and 3.
your proposed assessment evidence to determine its readiness for submission.
This may be done either as a stand-alone assessment, i.e. as a first-party audit
executed entirely on your behalf prior to you being audited by another party, or
as a readiness assessment prior to Zygma performing the formal Kantara-required
third-party Service Assessment (see below).
will review the presentation of the Applicant’s material
and will either:
a) provide specific guidance on further evidential requirements
and recommendations for fulfilling any shortcomings in that evidence (where
Zygma has no arrangement with the Applicant to act as its Accredited Assessor), or
b) indicate non-conformities with Kantara’s evidential requirements
as set out in the applicable SACs (where Zygma is contracted by the Applicant to act
as its Accredited Assessor).
As one of
Zygma is able to undertake an assessment of your Identity / Credentialing Service under any of the
Kantara IAF scenarios – at Assurance Levels 1, 2 and 3, and whether for
Service Component or Full Service Provision Approval.
As the principal architect of the Kantara IAF we have some unique approaches to
performing our assessments, which will be generally based upon
IS17021/27006/27007 principles or can become formally-based upon IS27006 if the
client so desires.
Follow the link
below to Kantara's Trust Status List, to confirm Zygma's ongoing Accredited
Support / Management:
indicated, Zygma can work side by side with its clients to guide them through
the processes of getting their service and internal operations ready for a
successful assessment, or can go so far as to take on the responsibility to
manage the assessment application and get the service through to the conclusion
of the assessment, ultimately leading to a grant of Approval. Of course,
this still requires the client to provide the responsive resources necessary to
bring the organization into line with Kantara's criteria. Whatever the
depth of involvement, Zygma's broader expertise can be brought into play to
ensure that the client's information security accommodates other obligations,
such as FISMA, HIPAA, IS27001, etc.
Whatever your needs concerning Kantara Approval, Zygma is your best and most
experienced option. Call or email to arrange a no-obligation discussion
about your needs and how Zygma can help you fulfill them.
Back to Top»»